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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on March 
10, 2009 has been entered. 



Response to Arguments 

2. Applicant's arguments filed March 10, 2009 have been fully considered but they 
are not persuasive. Applicant argues that Coss fails to teach or suggest saving data for 
use in a later executed rule. While Coss does state that the rule processing is bypassed 
(column 5, lines 42-45), the applicant is misinterpreting the use of the word bypass. 
Coss specifically states that after caching results for a specific packet of a given 
network session so that when subsequent packets from the same network session 
arrive at the firewall the results from the previous packet are used (column 5, lines 45- 
50). Therefore for that subsequent packet the rule set is applied. The condition is 
analyzed when it is determined that the subsequent packet is from the same network 
flow, and then the action is completed when the previous results are used. Since the 
condition is met and then the action executed, the rule set is being executed. 
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3. Applicant goes on to argue that Coss teaches away from applicant's claimed 
invention. As explained above Coss teaches what is claimed by applicant. Also, it is 
noted that it is unclear in the specification how else the saved results would be used in a 
later executed rule. 

4. In response to applicant's argument that the examiner has combined an 
excessive number of references, reliance on a large number of references in a rejection 
does not, without more, weigh against the obviousness of the claimed invention. See In 
re Gorman, 933 F.2d 982, 18 USPQ2d 1885 (Fed. Cir. 1991). 

5. In response to applicant's argument that the examiner's conclusion of 
obviousness is based upon improper hindsight reasoning, it must be recognized that 
any judgment on obviousness is in a sense necessarily a reconstruction based upon 
hindsight reasoning. But so long as it takes into account only knowledge which was 
within the level of ordinary skill at the time the claimed invention was made, and does 
not include knowledge gleaned only from the applicant's disclosure, such a 
reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 
1971). 

Claim Objections 

6. Claim 7 is objected to because of the following informalities: Claim 7 depends 
from claim 6, which has been cancelled. For purposes of examination it is assumed that 
claim 7 is intended to depend from claim 1. Appropriate correction is required. 
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Claim Rejections - 35 USC § 101 

7. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

8. Claims 9 - 13, and 15 - 17 are rejected under 35 U.S.C. 101 because the 
claimed invention is directed to non-statutory subject matter. While the claims are 
directed towards a system, there is no actual hardware in the body of the claim and is 
therefore software per se. In addition in paragraph [0017] of applicants specification the 
invention is defined to include a software system. 

Claim Rejections - 35 USC § 103 

9. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

10. Claims 1 - 5, 7 - 13, 15 - 22, 24 and 25 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Coss in view of Moir's US Publication 2002/0120720 A1 in 
view of Venkatachary, and further in view of Katz. 

1 1 . Referring to claims 1 , 9, and 18, Coss discloses: 

a. Receiving state rules (column 4, lines 4-6). 

b. Forming a set of rules including at least one condition and one action 
(column 4, lines 30-34). 

c. Storing a set of rules in tabular form(column 4, lines 5-6). 

d. Receiving a network flow including a plurality of packets (column 6, lines 
29-30, Figure 5, element 501). 
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e. Applying the state rules to the plurality of packets in the network flow 
(column 6, lines 18-21). 

f. Wherein the at least one action comprises instantiation of a rule for the 
network flow from the set of rules (column 4, line 48) and further wherein the at 
least one action comprises saving the result of the at least one action for use in a 
later executed rule (column 5, lines 40-42). 

12. Coss does not explicitly disclose expressing rules in a text format and converting 
them into a binary format. However, Moir discloses receiving the rule file in text format 
and converting it into a binary format (page 6, paragraph 72). Coss and Moir are 
analogous art because they are from the same field of endeavor, rules. At the time of 
the invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Coss and Moir before him or her, to modify the system of Coss to include 
the text to binary of Moir. The suggestion/motivation for doing so would have been so 
that the rules may be supported by the virtual machine (page 5, paragraph 58). 

1 3. Coss in view of Moir does not explicitly disclose there being a database of filters, 
where a specific filter is selected. However Venkatachary discloses a database of filters 
or rules (column 8, lines 16-17) and selecting a filter (column 8, lines 56-57). Coss in 
view of Moir and Venkatachary are analogous art because they are from the same field 
of endeavor, filtering. At the time of the invention, it would have been obvious to one of 
ordinary skill in the art, having the teachings of Coss in view of Moir and Venkatachary 
before him or her, to modify the method of Coss in view of Moir to include the database 
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of filters of Venkatachary. The motivation fordoing so would have been to provide traffic 
sensitive routing (column 2, lines 21-22). 

14. Coss in view of Moir in view of Venkatachary does not explicitly disclose passing 
the definitions as a state machine. However, Katz discloses that state machines are 
critical for realizing the control and decision making logic in digital systems (page 383, 
2 nd paragraph). Katz and Coss in view of Moir in view of Venkatachary are analogous 
art because they are from the same field of endeavor, digital systems. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Coss in view of Moir in view of Venkatachary and Katz before him or her, to 
modify Coss in view of Moir in view of Venkatachary to include the state machine of 
Katz. The motivation for doing so would have been that state machines are critical for 
realizing the control and decision making logic in digital systems (page 383, 2 nd 
paragraph). 

1 5. Referring to claims 2,3,10,11,19 and 20, Venkatachary teaches analyzing the 
application layer context (column 5, lines 60-62). 

16. Referring to claims 4, 12, and 21 , Coss teaches wherein the filter comprises a 
dynamic filter (column 8, lines 27-30). 

1 7. Referring to claims 5, 1 3, 22, Coss teaches wherein the filter comprises a static 
filter (Figure 3). Static rules are defined in applicant's specification as a rule that applies 
to aggregate flows. In Figure 3, all flows from A to B of type FTP are Passed. 

18. Referring to claim 7, Katz teaches that the state is maintained based on the state 
table (page 385). Coss teaches maintaining a state table of saved results (column 5, 
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lines 38-55). Therefor Coss in view of Katz teaches maintaining an expected state 
utilizing the saved results. 

19. Referring to claims 8, 16, and 25, Coss teaches activating a rule (column 8, lines 
13-15). 

20. Referring to claims 15, and 24, Coss teaches deactivating a rule (column 8, lines 
36-38). 

21 . Referring to claim 1 7, Coss teaches maintaining a state table for the network flow 
(column 5, lines 38-55). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CORDELIA KANE whose telephone number is 
(571 )272-7771 . The examiner can normally be reached on Monday - Thursday 8:00 - 
5:00 EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 



Application/Control Number: 10/815,539 Page 8 

Art Unit: 2432 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/C. K.I 

Examiner, Art Unit 2432 
/Gilberto Barron Jr./ 

Supervisory Patent Examiner, Art Unit 2432 



